Date: Mon, 31 Jul 2000 11:27:54 -0700 (PDT) From: Peter Van Epp <vanepp@sfu.ca> To: questions@FreeBSD.org Subject: syslogd -s -a xxx on 4.1-RELEASE? Message-ID: <200007311827.LAA01738@fraser.sfu.ca>
next in thread | raw e-mail | index | archive | help
Am I making an obvious mistake or is the -a option to syslog broken?
On a 4.1-RELEASE machine I'm attempting to log from the network to /data/local1
to 6. This has been working (modulo syslog dying, which is part of the reason
for the upgrade) without the -s -a options to syslogd and still does if I
start syslogd without those options. This is the syslog.conf file (for all
tests):
loghost# cat /etc/syslog.conf
# $FreeBSD: src/etc/syslog.conf,v 1.13 2000/02/08 21:57:28 rwatson Exp $
#
# Spaces are NOT valid field separators in this file.
# Consult the syslog.conf(5) manpage.
*.err;kern.debug;auth.notice;mail.crit /dev/console
*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
security.* /var/log/security
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
cron.* /var/log/cron
*.err root
*.notice;news.err root
*.alert root
*.emerg *
local1.debug /data/local1
local2.debug /data/local2
local3.debug /data/local3
local4.debug /data/local4
local5.debug /data/local5
local6.debug /data/local6
# uncomment this to enable logging of all log messages to /var/log/all.log
#*.* /var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.* @loghost
# uncomment these if you're running inn
# news.crit /var/log/news/news.crit
# news.err /var/log/news/news.err
# news.notice /var/log/news/news.notice
!startslip
*.* /var/log/slip.log
!ppp
*.* /var/log/ppp.log
A syslogd with -s -a and debug (no logging to the local* files occurs although
local logging does):
loghost# !ps
ps auxw | grep syslog
loghost# syslogd -s -a '142.58.47.0/24:*' -d
off & running....
init
cfline("*.err;kern.debug;auth.notice;mail.crit /dev/console", f, "*")
cfline("*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages", f, "*")
cfline("security.* /var/log/security", f, "*")
cfline("mail.info /var/log/maillog", f, "*")
cfline("lpr.info /var/log/lpd-errs", f, "*")
cfline("cron.* /var/log/cron", f, "*")
cfline("*.err root", f, "*")
cfline("*.notice;news.err root", f, "*")
cfline("*.alert root", f, "*")
cfline("*.emerg *", f, "*")
cfline("local1.debug /data/local1", f, "*")
cfline("local2.debug /data/local2", f, "*")
cfline("local3.debug /data/local3", f, "*")
cfline("local4.debug /data/local4", f, "*")
cfline("local5.debug /data/local5", f, "*")
cfline("local6.debug /data/local6", f, "*")
cfline("*.* /var/log/slip.log", f, "startslip")
cfline("*.* /var/log/ppp.log", f, "ppp")
7 3 2 3 5 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 X CONSOLE: /dev/console
7 5 2 5 5 5 6 3 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 X FILE: /var/log/messages
X X X X X X X X X X X X X 8 X X X X X X X X X X X FILE: /var/log/security
X X 6 X X X X X X X X X X X X X X X X X X X X X X FILE: /var/log/maillog
X X X X X X 6 X X X X X X X X X X X X X X X X X X FILE: /var/log/lpd-errs
X X X X X X X X X 8 X X X X X X X X X X X X X X X FILE: /var/log/cron
3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 X USERS: root,
5 5 5 5 5 5 5 3 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 X USERS: root,
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 X USERS: root,
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 X WALL:
X X X X X X X X X X X X X X X X X 7 X X X X X X X FILE: /data/local1
X X X X X X X X X X X X X X X X X X 7 X X X X X X FILE: /data/local2
X X X X X X X X X X X X X X X X X X X 7 X X X X X FILE: /data/local3
X X X X X X X X X X X X X X X X X X X X 7 X X X X FILE: /data/local4
X X X X X X X X X X X X X X X X X X X X X 7 X X X FILE: /data/local5
X X X X X X X X X X X X X X X X X X X X X X 7 X X FILE: /data/local6
8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 X FILE: /var/log/slip.log (startslip)
8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 X FILE: /var/log/ppp.log (ppp)
logmsg: pri 56, flags 4, from loghost, msg syslogd: restart
syslogd: restarted
logmsg: pri 46, flags 0, from loghost, msg Jul 31 11:22:28 sshd[254]: Accepted password for vanepp from 142.58.1.8 port 2653
logmsg: pri 15, flags 0, from loghost, msg Jul 31 11:22:38 vanepp: test
Logging to FILE /var/log/messages
Logging to USERS
^Csyslogd: exiting on signal 2
syslogd: exiting on signal 2
logmsg: pri 53, flags 4, from loghost, msg syslogd: exiting on signal 2
Logging to CONSOLE /dev/console
Logging to FILE /var/log/messages
Logging to USERS
Logging to USERS
And a successful syslogd invocation (successful but undesirable!):
loghost# !ps
ps auxw | grep syslog
loghost# syslogd -d
off & running....
init
cfline("*.err;kern.debug;auth.notice;mail.crit /dev/console", f, "*")
cfline("*.notice;kern.debug;lpr.info;mail.crit;news.err /var/log/messages", f, "*")
cfline("security.* /var/log/security", f, "*")
cfline("mail.info /var/log/maillog", f, "*")
cfline("lpr.info /var/log/lpd-errs", f, "*")
cfline("cron.* /var/log/cron", f, "*")
cfline("*.err root", f, "*")
cfline("*.notice;news.err root", f, "*")
cfline("*.alert root", f, "*")
cfline("*.emerg *", f, "*")
cfline("local1.debug /data/local1", f, "*")
cfline("local2.debug /data/local2", f, "*")
cfline("local3.debug /data/local3", f, "*")
cfline("local4.debug /data/local4", f, "*")
cfline("local5.debug /data/local5", f, "*")
cfline("local6.debug /data/local6", f, "*")
cfline("*.* /var/log/slip.log", f, "startslip")
cfline("*.* /var/log/ppp.log", f, "ppp")
7 3 2 3 5 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 X CONSOLE: /dev/console
7 5 2 5 5 5 6 3 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 X FILE: /var/log/messages
X X X X X X X X X X X X X 8 X X X X X X X X X X X FILE: /var/log/security
X X 6 X X X X X X X X X X X X X X X X X X X X X X FILE: /var/log/maillog
X X X X X X 6 X X X X X X X X X X X X X X X X X X FILE: /var/log/lpd-errs
X X X X X X X X X 8 X X X X X X X X X X X X X X X FILE: /var/log/cron
3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 X USERS: root,
5 5 5 5 5 5 5 3 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 5 X USERS: root,
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 X USERS: root,
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 X WALL:
X X X X X X X X X X X X X X X X X 7 X X X X X X X FILE: /data/local1
X X X X X X X X X X X X X X X X X X 7 X X X X X X FILE: /data/local2
X X X X X X X X X X X X X X X X X X X 7 X X X X X FILE: /data/local3
X X X X X X X X X X X X X X X X X X X X 7 X X X X FILE: /data/local4
X X X X X X X X X X X X X X X X X X X X X 7 X X X FILE: /data/local5
X X X X X X X X X X X X X X X X X X X X X X 7 X X FILE: /data/local6
8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 X FILE: /var/log/slip.log (startslip)
8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 X FILE: /var/log/ppp.log (ppp)
logmsg: pri 56, flags 4, from loghost, msg syslogd: restart
syslogd: restarted
cvthname(142.58.47.253)
logmsg: pri 217, flags 0, from annex8k1, msg radlog[1285]: Sent RADIUS Accounting-Request to 142.58.103.2
Logging to FILE /data/local1
cvthname(142.58.47.253)
logmsg: pri 217, flags 0, from annex8k1, msg radlog[1285]: Received RADIUS Accounting-Response from 142.58.103.2
Logging to FILE /data/local1
cvthname(142.58.47.252)
logmsg: pri 226, flags 0, from annex8k2, msg ppp[21844]: ppp:asy31:LCP Closing LCP
Logging to FILE /data/local2
Logging to FILE /var/log/ppp.log
cvthname(142.58.47.252)
logmsg: pri 226, flags 0, from annex8k2, msg ppp[21844]: ppp:asy31:remote_close
Logging to FILE /data/local2
Logging to FILE /var/log/ppp.log
...
Logging to FILE /data/local2
^Csyslogd: exiting on signal 2
syslogd: exiting on signal 2
logmsg: pri 53, flags 4, from loghost, msg syslogd: exiting on signal 2
Logging to CONSOLE /dev/console
Logging to FILE /var/log/messages
Logging to USERS
Logging to USERS
So, have I misconfigured it or is it broken?
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007311827.LAA01738>